0

While attempting to disassemble my school library's book keeping app using IDA pro i came across this LDR statement which im not able to edit.

I wanted to increase the no. of pages of a particular book to a higher value so i found out the ARM instruction where it assigned the latter and changed it to a higher value.

Original: 

LDR     R3, =(dword_8C46D0 - 0x3DBCDA)

When i tried to rename the address name to: dword_8C43D4

I received the following error message:

Can't rename byte as 'dword_8C43D4' because the name has a reserved prefix.

So, what are these reserved prefixes and how do i tackle this problem?

Also, where can i get the short and informative tutorials for learning disassembly using ida pro?

Seki
  • 11,135
  • 7
  • 46
  • 70
Sujith Sizon
  • 123
  • 6
  • 1
    Just use whatever hex value you want; not some label. If you want 0x8c43d4, then you can use `ldr r3, =0x8c43d4`. What is the meaning of 'dword_8C46D0'? `LDR Rn,=value` just loads a 32bit value in the 'Rn'. The arm opcode is only 32bit long so you can not load a 32bit constant (bits in the opcode mean other things like *add*, *sub*, etc). – artless noise Jan 13 '16 at 17:35
  • ldr rD,=something is a pseudo instruction that the various assemblers support as artless noise mentioned is because you cannot load any 32 bit value you want as an immediate (in a 32 bit instruction 32+opcode+dest register spec cannot be less than or equal to 32). the value on the right has to be something the assembler can compute into a number if it can do label math, okay. if it can do any math at all, okay otherwise just a label or just a value. that value is meant to be an address (a label) but they let you use an immediate value instead of a label string wherever I have used it. – old_timer Jan 13 '16 at 20:18
  • you want info about ida pro, contact support. – old_timer Jan 13 '16 at 20:19
  • @artlessnoise thankyou, so in my first line dword_8C46D0 is the label and hex value 0x3DBCDA is stored in it? – Sujith Sizon Jan 14 '16 at 01:08
  • I don't know IDA Pro specifically, but I'd say it looks to have figured that the arbitrary 32-bit constant being loaded was an address, then decomposed that address into a massive negative offset from something it reckoned was a symbol. Sometimes tools can be _too_ clever... – Notlikethat Jan 14 '16 at 01:56
  • @Notlikethat since i wanted it to load hex value 0x8C43D4 i modified it to LDR R3, =(dword_8C46D0 - 0x8C43D4) but still im getting the same error. – Sujith Sizon Jan 14 '16 at 02:35
  • just change it to ldr r3,=0x8C43D4 then. – old_timer Jan 14 '16 at 03:18
  • If you are tweaking the binary, the *code* `ldr r3,=0x8C46D0` is like, `ldr r3, [pc, #offset_constant]` with `offset_constant: .word 0x8C46D0` (or the like). You can just change the 'offset_constant' to 0x8C43D4 (and 'offset_constant' is like dword_8C46D0)... but as *notlikethat* said the actually address seems to be subtracting something. I think you can probably tell IDA pro not to be so 'intelligent' the 'offset_constant' is somewhere and a hex editor search will find the value; if you know what it loads to r3. – artless noise Jan 15 '16 at 17:09

0 Answers0